<?php 
namespace Home\Controller;
use Hdphp\Library\Controller;


class LoginController extends Controller{

	//登录
	public function Login(){
		if(!IS_POST) halt('非法访问');

		$username=htmlspecialchars($_POST['account']);
		$pwd=md5($_POST['pwd']);
		
		$sql="SELECT * FROM hd_user WHERE username='{$username}' LIMIT 1";

		$user=M()->query($sql);

		if( $user[0]['lock'] ==1 ) $this->error('您的用户已锁定,请与管理员联系');

		if( $user[0]['passwd'] != $pwd ) $this->error('用户名或密码错误');

		$_SESSION['username']=$username;
		$_SESSION['uid']=$user[0]['uid'];
			//下次自动登录
		if($_POST['auto']=='on'){
				//如果用户开启下次自动登陆 设置cookie的名字 值 过期时间 和作用域
			setcookie(session_name(),session_id(),time()+3600*24*365,'/');
		}else{
			setcookie(session_name(),session_id(),0,'/');
		}

		$this->success('登录成功','./index.php');

	}

	//退出
	public function out(){
		session_unset();
		session_destroy();
		$this->error('退出成功','./index.php');
	}

}

 ?>